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Abstract. We introduce several new methods to obtain upper 
bounds on the number of solutions of the congruences 

f{x) = y (mod p) and f{x) = (mod p), 

with a prime p and a polynomial /, where (x, y) belongs to an arbi- 
trary square with side length M . We use these results and methods 
to derive non-trivial upper bounds for the number of hypcrcUiptic 
curves 

over the finite field Fp of p elements, with coefficients in a 2g- 
dimcnsional cube 

(ao, . . . , a2g-i) e [Ro + 1, i?o + A/] x . . . x [i?2g-i + I, R2g-i + M] 

that are isomorphic to a given curve and give an almost sharp 
lower bound on the number of non-isomorphic hyperelliptic curves 
with coefficients in that cube. Furthermore, we study the size of 
the smallest box that contain a partial trajectory of a polynomial 
dynamical system over Fp. 



1. Introduction 

1.1. Motivation. Studying the distribution of integer and rational 
points on curves, and more general on algebraic varieties that belong to 
a given box is a classical topic in analytic number theory. For the case 
of plane curves with integer coefficients, essentially the best possible 
results are due to Bombieri and Pila [6l[3ll[32]. Furthermore, recently 
a remarkable progress has been made in the case of hypersurfaces and 
varieties over the rationals, see the surveys [SI EDI 135] as well as the 
original works [261 123 |33] . 

Significantly less is known about the distribution of points in boxes 
on curves and varieties in finite fields. For reasonably large boxes, 
bounds of exponential sums, that in turn are based on deep methods of 
algebraic geometry, lead to asymptotic formulas for the number of such 

points, see [16l [171 EH]. Certainly when the size of the box is decreasing 
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then beyond a certain threshold no asymptotic formula is possible (in 
fact the expected number of points can be less than 1). In particular, 
for such a small box only one can expect to derive upper bounds on the 
number of points on curves that hit it. This question has recently been 
introduced in [12] where a series of general results has been obtained 
(we also mention the work [9l [111 IH] where this question has been 
studied for some very special curves). Besides of being interesting in 
their own right, such results have several applications, for example, 
to polynomial dynamical systems and to so-called "visible" points on 
curves over finite fields, see [12]. 

Here we make more advances in this direction, consider more general 
curves and improve several previous results. However, we consider that 
then main feature of the paper is a variety of methods we introduce 
which we believe can be used for a number of other questions. 

We also give two further applications of our results and methods. 
First of all, we study the distribution of isomorphism classes of hy- 
perelliptic curves of genus g >1 m some families of curves associated 
with polynomials with coefficients in a small box. In the case of elliptic 
curves this question has been studied in [T3]. Here we improve some 
of the results of [13] and also use new methods to study the case of 
g > 2. Surprisingly enough, in the case of the genus g > 2 we obtain 
estimates and use methods that do not apply to elliptic curves (that 
is, to g = 1). 

Second, we consider polynomial dynamical systems and study for 
how long a particular trajectory of such a system can be "locked" 
in a given box. In particular, we extend and improve several results 

of [iniiniiiB]. 

1.2. Basic definitions and problem formulation. For a prime p, 
let ¥p denote the finite field of p elements, which we assume to be 
represented by the set {0, 1, ... ,p — 1}. Given a polynomial / G 
of degree m > 3, and a positive integer M < p,we define by If{M; R, S) 
the number of solutions to the congruence 

(1) y'^ = f{x) (modp), 
with 

(2) (x, y)e[R+l,R + M]x[S + l,S + M]. 

If the polynomial y"^ — f{x) is absolutely irreducible, it is known from 
the Weil bounds that 

/l/f2 

(3) If{M; R,S) = — + 0(pi/2(logp)2), 



POINTS ON CURVES IN SMALL BOXES AND APPLICATIONS 3 

where the imphed constant depends only on m, see [361 SO]- It is clear 
that the main term is dominated by the error term for M < p^/^logp, 
and for M < p^/^(logp)^ the result becomes weaker than the trivial 
upper bound If{M] R, S) < 2M. Here we use a different approach and 
give nontrivial estimate of If{M;R,S) for M < when m = 3, 

and for M < p^/^~^ when m > 4. In particular, in the case m = 3 
our result improves on the range of M the bound obtained in [13] . We 
note that nontrivial bounds on the number of solutions (x, y) to the 
congruence 

y = f{x) (modp), 

satisfying ([2]), have been obtained in [12] for any M < p. We also 
mention that nontrivial bounds on the number of solutions (x, y) to 
the congruences 

xy = a (mod p), 

and 

y = -i?^' (mod p), 

satisfying ([2]), have been given in [9] with further improvements in [TT] . 
Similar results for the congruence 

Q{x,y) = (mod p), 

where Q{x, y) is an absolutely irreducible quadratic form with a nonzero 
discriminant, can be found in |41j . 

A special case of the equation ([T]) are hyperelliptic curves over Fp. 
The problem of concentration of points on hyperelliptic curves and 
polynomial maps is connected with some problems on isomorphisms 
that preserve hyperelliptic curves. Let (? be a fixed positive integer 
constant. We always assume that p is large enough so, in particular, 
we have gcd(p, 2{2g + 1)) = 1. Any hyperelliptic curve can be given by 
a non-singular Weierstrass equation: 

where a = (ao, . . . , a2c/-i) G F^^ (the non-singularity condition is equiv- 
alent to non- vanishing of the discriminant of X^^"*"^ + 02^-1^^^"^ -(-...+ 
aiX + oo), we refer to [T] for a background on hyperelliptic curves and 
their applications. 

It follows from a more general result of Lockhart [211 Proposition 1.2] 
that isomorphisms that preserve hyperelliptic curves given by Weier- 
strass equations are all of the form (x, y) — ?■ (a^x, a'^^'^^y) for some 
a G F*, see also [221 Section 3]. Thus is isomorphic to i^b, which 
we denote as ~ Hy^, if there exists a G F* such that 

(4) tti = a^^^'^-Hi (mod p), i = 0, . . . , 2^ - 1. 
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It is known (see [221 129]) that the number of non isomorphic hyperel- 
hptic curves of genus g over Fp is 2p^^~^ + O^gp"^^""^). We address here 
the problem of estimating from below, the number of non-isomorphic 
hyperelliptic curves of genus g over Fp, H^, when a = (oq, • • • , a2g~i) 
belongs to a small 2(7-dimensional cube 

(5) ^ = [i?o + 1, + M] X . . . X [i?2,-i + 1, i?25.i + M] 

with some integers Rj, M satisfying < i?j </?-, + M < p, j = 
0,...,2g-l. 

In particular, we note that all components of a vector a G 23 are 
non-zero modulo p. Our methods below work without this restriction 
as well, however they somewhat lose their efficiency. 

We also give an upper bound for the number 

N{H; ®) = #{a = (ao, . . . , a2,_i) G 23 : ^ H} 

of hyperelliptic curves iJa with a G *B that are isomorphic to a given 
curve H. 

In particular, our estimates extend and improve some of the results 
of [13] where this problem has been investigated for elliptic curves (that 
is, for (7 = 1). 

First we observe that for large cubes one easily derives from the Weil 
bound (see [211 Chapter 11]) an asymptotic formula 

N{H-^) = -^^+0{p"\\ogpf^) 

(see also the proof of [2T1 Theorem 21.4]). So we have an asymptotic 
formula for N{H] 03) as long as M > j)i~i/(49)+e for any fixed e > 0. 

However here we are mostly interested in small values of M. 

We note that we always have the trivial upper bound 

N{H; 53) < 2M. 

To see this, let H = H]^, b = {bo, . . . , &23-1) ^ ^l^, be given by a 
Weierstrass equation. We observe that if ~ H and H = H\j, where 
b = (60, • • • , ^2g-i) £ ^ff then a2g_i can take at most M values in F*, 
and each a2g-i determines two possible values for in (jlj). 

It is also useful to remark that one can not expect to get a general 
bound stronger than 

N{H;^) = 0(M^/(23+i))_ 

To see this we consider the set Q of quadratic residues modulo p in 
the interval [1, M^/^^^"*"^^]. It is well-known that for almost all primes p 
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(that is, for all except a set of relative density zero) we have 

#Q ~ 0.5M^/(29+i)^ 

For example, this follows from a bound of Heath-Brown [191 Theorem 1] 
on average values of sums of real characters. 
Consider now the set 

A = {ae¥p : e Q}, 

the curve H : = X^9+i + x^s^i + X^^^^ + . . . + X + 1 and the 2^- 
dimensional cube = [1, M]'^^. It is clear that (a^ a^ . . . , G ^ 

for all a e ^. On the other hand = 2#Q ~ jv/^/^^s+i). 

1.3. General notation. Throughout the paper, any implied constants 
in the symbols O, <^ and ^ may occasionally depend, where obvious, 
on the degree of polynomial / G Fp[X], on the genus g and the real 
positive parameters e and 6, and are absolute otherwise. We recall that 
the notations U = 0{V), U <t^V and V ^ U are all equivalent to the 
statement that \U\ < cV holds with some constant c > 0. 

The letters, h, m, n, r, s in both upper and lower case, always denote 
integer numbers. 

2. Our Results 

2.1. Points on curves in small boxes. We combine ideas from [HI 
\T2\ [T3] with some new ideas and derive the following results. 

Theorem 1. Uniformly over all polynomials f G Fp[X] of degree 
deg / = 3 and 1 < M < p, we have 

^,j5/3+o(l) 



If{M;R,S) < Mi/3+o(i) ^ ^^^^ 



as M ^ oo. 



One of the implications of Theorem [T] is that for elliptic curves, that 
is, when the polynomial / in ([T]) if cubic, the bound If{M;R,S) < 
]\^i/3+o{i) ]-^Q[^g fQj» ]\/[ ^ pi/s^ while [131 Theorem 6] guarantees this 
bound only for M <^ p^^^. We also note that when deg/ = 3, our 
upper bounds for If{M; R, S) imply the same bounds for N{H; 53) in 
the case of elliptic curves. 

Further, when M < p^/^~^ for some e > 0, Theorem [T] guarantees a 
nontrivial bound If{M;R,S) -C M^~^ with some 6 > that depends 
only on e, improving upon the range M < p^/^"^ obtained in [T3] . 
However, using a different approach, that is based on the ideas of [7], 
we can obtain a nontrivial bound in the range M < 
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Theorem 2. Uniformly over all polynomials f G Fp[X] of degree 
degf = 3 and M >1, we have 

IfiM; R, S) < M^/3+o(i) ^ jvfi+o(i). 

The combination of Theorems [1] and [2] gives the following estimate: 

Corollary 3. Uniformly over all polynomials f G of degree 

deg / = 3 and 1 < M < p, we have 

( M-2/3, if M < p^/^, 

If{M; R, S) < M^+"^'^ \ (M7p)1/6, if pV8 < M < p^/ss^ 

[ (MVp)1/16, if p5/23 < M < 

as M — 7- oo. 

Our next result shows that when deg / > 4 we also have a nontrivial 
bound for //(M; R, S) in the range M < 

To formulate our result, we define Jk,m{.H) as the number of solu- 
tions of the system of m diophantine equations in 2k integral variables 

Xl, . . . -I X2k- 

•^1 ^ ■ ■ ■ ^ — -t- . . . X2fc, 

(6) 

Xi + . . . + Xk — Xk+1 + . . . X2k, 
1 < Xi, . . . ,X2k < H. 

We also define K{m) to be the smallest integer k such that for any 
integer k > k there exists a constant C{k, m) depending only on k and 
m and such that 

(7) Jk,m{H) < Cik, ^)i72fc-m(m+l)/2+o(l)^ 

as — J- OO. Note that by a recent result of Wooley [33 Theorem 1.1], 
that improves the previous estimate of [2H], we have K{m) < m? — 1 
for any m > 3. 

Theorem 4. Uniformly over all polynomials f G IFp[X] of degree 
deg f = m > 4 and 1 < M < p, we have 

If{M- R, S) < M(MVp)^/2«("*)+°(i) + Mi-('"-3)/2'^("*)+°(i), 

as M — 7- oo. 

In particular, for any e > 0, there exists 6 > that depends only on 
e and deg / such that if M < pV3-e ^nd deg / > 4, then //(M; R, S) < 
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Next, we turn to estimates on N{H; 53). A simple observation shows 
that in the case of hyperelhptic curves with g > 2 the quantity N{H] 53) 
is closely related to the problem of concentration of points of a qua- 
dratic polynomial map. Then one can apply the general result of [12] 
and get a nontrivial upper bound for N{H; 03) for any range of M. 
However, here we use a different approach and we obtain a better 
bound. We prove the following result, which, besides of its applica- 
tion to bound the quantity N{H; 53), is of independent interest. 

Theorem 5. Let f G Fp[X] be a polynomial of degree m > 2. Then 
for 1 < M < p the number Jf{M; R, S) of solutions to the congruence 

f{x)=y (modp), {x,y)e[R + l,R + M]x[S + l,S + M], 

is bounded by 

Jf{M; R, ^) « — + Mi-i/^-^-^"^'^ 
P 

as p — 7- oo . 

We remark that in [12], the bound 

J/(M; R, S) < M(M/p)i/2K(m)+o(i) ^ ^i-(^-i)/2kM+o(i) 

has been given which is stronger than Theorem O for large values of m. 
Also in [ig for M < ^2/(^2+3)^ ^-^e bound 

(8) J/(M;i?,5) < Mi/'"+°(i) 

has been obtained. 

2.2. Isomorphism classes of hyperelliptic curves in thin fami- 
lies. Using dH), we derive from Theorem |5] and ([8]) the following con- 
sequence 

Corollary 6. For any hyperelliptic curve H of genus g > 2 over ¥p 
and a cube ^ given by with 1 < M < p, we have 

P 

Furthermore, as we have mentioned above, when g = 1 the problem 
of estimating N{H; 53) is equivalent to estimating the concentration of 
points on certain curves of degree 3 (which are singular and thus are 
not elliptic curves) and Theorem [1] applies in this case. Using the idea 
of the proof of Theorem [H we establish the following result which is 
valid for any hyperelliptic curve. 
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Theorem 7. For any hyperelliptic curve H of genus g > I overWp, any 
cube 03 given by with 1 < M < p and any odd integer h E [3,2g+l], 
we have 

as M — 7- oo. 

We observe that if M < pi/(292+2<;+4) ^^len, taking h = 2g + 1 in 
Theorem H we obtain the estimate N{H; < Mi/(2<;+i)+o(i) ^^ich, 
as we have seen, is sharp up to the o(l) term. 

Let H (53) be a collection of representatives of all isomorphism classes 
of hyperelliptic curves Hg^, a G 03, where is a 2(jf-dimensional cube 
of side length M. In [13] the lower bound #n (53) > min{p, M'^+°'^^^} 
has been obtained for elliptic curves (that is, for g = 1). We extend 
this result to g > 2. Certainly the upper bounds of our theorems lead 
to a lower bound on ^Ti (53). However, using a different approach we 
obtain a near optimal bound for ^"H (53). 

Theorem 8. For g > 1 and any cube 53 given by with and 1 < 
M < p, we have 

i^H (53) > min{p29-i, M^3+o(i)^^ 
as M ^ oo. Furthermore, if g > 2 the o(l) term can be removed when 

M >pl/(29)_ 

2.3. Diameter of polynomial dynamical systems. We notice that 
results about concentration of points on curves are closely related to 
the question about the diameter of partial trajectories of polynomial 
dynamical systems. Namely, given a polynomial / G Fp[X] and an 
element mq G Fp, we consider the sequence of elements of ¥p generated 
by iterations u„ = /(un-i), n = 0, 1, . . .. Clearly the sequence Un is 
eventually periodic. In particular, let Tf^uo be the full trajectory length, 
that is, the smallest integer t such that Ut = Ug for some s < t. The 
study of the diameter 

-D/,«o(^) = inax \Uk-Um\ 

0<k,m<N-l 

has been initiated in [18] and then continued in [T0l[T2] . In particular, it 
follows from [181 Theorem 6] that for any fixed e, for Tj^^o ^ N > 
we have the asymptotically best possible bound 

as p — oo. For smaller values of TV a series of lower bounds on D / „q (A^) 
is given in [lOl [12] . 
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One easily derives from Theorem [5] the following result, which im- 
proves previous results to intermediate values of (and is especially 
effective for small values of m). 

Corollary 9. For any polynomial f G Fp[X] of degree m > 2 and 
positive integer N < Tj^uq, we have 

Df^uoiN) » min{iVi/V/2,7Vi+V(2---iy(i)|^ 

as p — 7- oo . 

On the other hand, we remark that our method and results do not 
affect the superpolynomial lower bounds of [TU] that hold for small 
values of TV. 



3. Preparations 

3.1. Uniform distribution and exponential sums. The following 
result is well-known and can be found, for example, in [251 Chapter 1, 
Theorem 1] (which a more precise form of the celebrated Erdos-Turan 
inequality) . 

Lemma 10. Let 71, ... , 7m be a sequence of M points of the unit inter- 
val [0, 1]. Then for any integer K > 1, and an interval [a, f3] C [0, 1], 
we have 



#{n = l,...,M :7„G[a,/3]}-M(/3-a) 



M / 1 \ 

< — + ^ I - + min{/3 - a, 1/k} \ 

k=i ^ 



M 



exp(27ri/c7^ 



n=l 



To use Lemma [To] we also need an estimate on exponential sums with 
polynomials, which is essentially due to Weyl, see [211 Proposition 8.2]. 

Let II ^11 = min{|^ — k\ : G Z} denote the distance between a real 
^ and the closest integer. 

Lemma 11. Let f{X) G M.[X] be a polynomial of degree m > 2 with 
the leading coefficient ^ ^ 0. Then 

M 

^exp(27r2/(n)) 
=1 

ij J2 min{M,||^?m!£i...C-i|r'} 



n=l 



-A/<€i,.../„_i<M 
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3.2. Integer points on curves and varieties. We also need the 
following estimate of Bombieri and Pila [B] on the number of integral 
points on polynomial curves. 

Lemma 12. Let C be an absolutely irreducible curve of degree d > 2 
and H > exp(o?^) . Then the number of integral points on C and inside of 
a square [0,H] x [0,H] does not exceed H^^'^ ex'p(12y/d log H log log H) . 

The following statement is a particular case of a more general result 
of Wooley [Ml Theorem 1.1]. 

Lemma 13. The number of solutions of the system of diophantine 
equations 

X3 I I rY^3 rf3 I I rY^3 q 1 

I ~r ' ' ' ~r .^g — ~r . . . ~r ^iq-, j — -'-5 -^7 

in integers Xi with \xi\ < M, i = 1, . . . , 16, is at most M^^~^°^^\ 

Proof. Writing Xi = Xi — M — 1 with a positive integer Xi < 2M + 1, 
i = 1, . . . , 16, after some trivial algebraic transformation we see that 
the number of solutions to the above equation is equal to J8,3(2M + 1). 
Since by the result of Wooley [3H1 Theorem 1.1] we have k,{3) < 8, the 
bound dZD applies with i^" = 2M + 1. □ 

We note that Lemma [T3] can be formulated in a more general form 
with k(3) instead of 8 variables on each side, but this generalization 
(assuming possible improvements of the bound k{3) < 8) does not 
affect our main results. 



3.3. Congruences with many solutions. The following result is 
used in the proofs of Theorems [T] and [71 

Lemma 14. Let f,g & ^pi-^] two polynomials of degrees n and 
m such that m \ n. Assume that the integers Xi, . . . are pairwise 
distinct modulo p and yi, . . . , y„ are arbitrary integers. Then the con- 
gruence 



(9) f{x)=g{y) (modp), 

has at most mn solutions with 



< x,y < p, 



(10) 



det 



( ^ . . . X y 
... xi yi 

■^n yn j 



1 

n-1 
n 



= (mod p). 
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Proof. Since 




.n-1 



.n-1 




= Xi . . .X. 



n 



l<:i<j<n 



n ( 



Xi — Xj) ^ (mod p), 



we deduce that, for any x and y, the last column in (fTOj) is a unique 
modulo p linear combination of the previous columns. In particular, 
for every solution (x, y) to (Q and ( ITOj) we have ?/ = (mod p) for 
some nontrivial polynomial h{X) G Fp[X] that does not depend on x 
and y. 

Now we insert this into . We observe that now the right hand side 
of ([2]), that is g{h{x)), is a nontrivial polynomial of degree mdegh. 
Thus, the congruence OH]) is a nontrivial polynomial congruence of de- 
gree d with n < d < mn. Therefore it has at most mn solutions modulo 
p. □ 

3.4. Background on Geometry of Numbers. We recall that a lat- 
tice in M"' is an additive subgroup of generated by n linearly in- 
dependent vectors. Let D be a symmetric convex body, that is, D is 
a compact convex subset of with non-empty interior that is cen- 
trally symmetric with respect to 0. Then, for a lattice in F C and 
i = 1, . . . , n, the i-th successive minimum Xi{D, T) of the set D with 
respect to the lattice F is defined as the minimal number A such that 
the set XD contains i linearly independent vectors of the lattice F. In 
particular Ai(-D,F) < ... < A„(D,F). We recall the following result 
given in [3l Proposition 2.1] (see also [SU Exercise 3.5.6] for a simplified 
form that is still enough for our purposes). 

Lemma 15. We have, 



and denoting, as usual, by (2n + 1)!! the product of all odd positive 
numbers up to 2n -|- 1, we derive: 

Corollary 16. We have, 




Using that 




n 



J]min{A,(D, F), 1} < (2n + 1)!!(#(Z^ n T)y\ 



i=l 
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4. Proofs 

4.1. Proof of Theorem [H For the sake of brevity, in this section we 
denote I = If{M] R, S). We can assume that / is large. We fix some 
L with 



(11) 



1< L< 



20' 



to be chosen later. By the pigeonhole principle, there exists Q such 
that the congruence 



y 



f{x) (mod p), Q + 1 <x <Q + M/L, S + l<y<S + M, 



has at least I/L solutions. Since there are at most two solutions to the 
above congruence with the same value of x, by the pigeonhole principle, 
there exists an interval of length 20M/I containing at least 10 solutions 
[x, y) with pairwise distinct values x. Let xq be the first of these values 
and let {xo,yo) be the corresponding solution. It is clear that I/L is 
bounded by the number of solutions of 

(yo + y)'^ = fixo + x) (modp), 
-M/L <x< M/L, -M <y <M, 

which is equivalent to 



(12) 



= c^x^ + c^x? + C\X + Co?/ (mod p), 
M/L <x< M/L, -M <y<M, 



with (c3,p) = 1. Besides, there are at least 10 solutions (x,y) with 
X pairwise distinct and such that < x < 2QM / L From these 10 



values we fix 3 solutions {xi,yi) 
gruence f[T^ in the matrix form 



(2^252/2)5 (2^35^3) and rewrite the con- 



(13) 



X 

2 

xi 



X2 
2 

XT 



X 
Xi 



y\ 

y3 
y2 
yij 



fcs\ 

C2 
Cl 

\coJ 



(y'\ 

yl 
yl 



(mod p). 



By Lemma [TU we know that at most 6 pairs {x,y), with x pairwise 
distinct, satisfy both the congruence f|T3l) and the congruence 



X 



y 
yh 



xi yi 



(mod p). 
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Since there are at least 10 solutions to (fT3|) . for one of them, say (x4, 1/4) 
we have 



3 2 

3^4 3^4 3^4 Hi 

xl X3 1/3 

X2 X2 X2 1/2 

X"^ Xl 1/1 



^ (mod p). 



Note that 1 < |A| ^ {M/I)^M. Now we solve the system of con- 
gruences 



(14) 



x'i 

xl xl X3 1/3 
x| X2 X2 2/2 



\X^ 



XT 



C2 
Cl 

Vco/ 



(yt\ 

yl 
yl 



(mod p) 



with respect to (03, C2, Ci, Cq). We write for the determinant of the 
matrix on the left hand side where we have substituted the column j 
by the vector (?/|, yl, ?/|, yl). With this notation we have that 

(modp), j = 0, ...3, 

1 (mod p), and the congruence (fT2|) is 



c, = A4_,A* 



where A* is defined by AA* 
equivalent to 

Aix^ + A2X^ + A3X + A4?/ - Ay^ = (modp). 

In particular, since, as we have noticed, C3 ^ (mod p), we have that 
Ai ^ (mod p). We can write this congruence as an equation over Z: 



(15) Aix^ + A2X^ + A3X + A4?/ - Ay^ = 
We can easily check that 

IA4I < {M/lfM'^ 

and 



ix,y,z) G Z^. 



J 



1,2,3. 



Thus, collecting the above estimates and taking into account L <^ I, 
we derive 

\z\ < - (|Ai|(Af/L)3 + |A2|(Af/L)2 + |A3|(M/L) + IA4IM + |A|M2) 
p ' 



+ 



+ 



PL ^ P J 



p \PL^ PL^ 

Since Ai 7^ 0, A 7^ 0, for each z, the curve ( fT5l) is absolutely irreducible, 
and thus by Lemma [12] it contains at most M^^^'^°^^^ integer points 
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{x,y) with |a;|, \y\ < M. Hence 

± < Mi/3+''(i) ( 1 + 



for any L satisfying ffTTj) . This imphes, that 
(16) / < LMi/3+°(i) 



If M < lOp^/*, then we take L = 1 and derive from (1161) that 

j\/f7/3+oil) 

I < Mi/3+o(i) ^ < ]vfi/3+o(i) 

Let now M > lOp^^^. We can assume that / > M^/^p~^/^, as oth- 
erwise there is nothing to prove. Then we take L = [M^/^^-i/ej ^-^^ 
note that the condition ( ITT]) is satisfied. Thus, we derive from ( IT6|) that 

j\/f7/3+oil) 

I < LMi/3+o(i) + ill—-— < M^/^+od) -1/6 

pl/4^1/2 - ^ 

and the result follows. 

4.2. Proof of Theorem [2]. Clearly we can assume that 

(17) M > 
as otherwise 

^5/3+o(l) 

(mVp)^/^^m < ^1^-^ 

and the result follows from Theorem [TJ We can also assume that M = 

We fix one solution (xq, yo) to the congruence ([1]) and by making the 
change of variables {x,y) H- {x — xo,y — yo), we see that it is enough 
to study a congruence of the form 

(18) y'^ — CQy = c-^x^ + C2x'^ + Cix (modp), |y| < M. 

Let W be the set of pairs {x, y) that satisfy f|T8l) . and by X we denote 
the set of x for which (x, y) G W for some i/. Let 

We now fix some £ > and assume that 

(19) p > {M'^/pf'^^M'. 

We also assume that M is sufficiently large. In view of ( ITTl) and (fT9l) . 
we also have 

(20) p > M^^/^°. 



POINTS ON CURVES IN SMALL BOXES AND APPLICATIONS 15 

For > we define the intervals 

J.^ = MM^^9M^, 1^ = 1,2,3, 



which we treat as intervals in ¥p, that is, sets of residues modulo p of 
several consecutive integers. 
We now consider the set 

of all triples 

(21) s= {xi + ...+xs, xl + ... + xl, xl + ...+xl) (modp), 

where Xj, i = 1,...,8, independently run through the set X. We 
observe that the system of congruences 

(22) x{ + ... + xi=xi + ... + x{q (mod p), j = 1, 2, 3, 

has at most M^^^"*^^-* solutions in integers Xi,yi with |a;j|, < M. 
Indeed, since M = o{p^^^), the above congruence is converted to the 
system of diophantine equations 

x{ + . . . + Xg = Xg + . . . + XiQ, j = 1, 2, 3, 

which by Lemma [12] has at most M^^~^°^^^ solutions in integers Xj with 
< M, i = 1, . . . , 16. Therefore, the congruence 0221) has at most 
Mio+°(i) solutions in Xj G A", 2 = 1, . . . , 16, as well. Thus, collecting 
elements of the set that correspond to the same vector s given 
by (12T!) and denoting the number of such representations by A^(s), by 
the Cauchy inequality, we obtain 

1/2 

seS 

Thus 

Hence, there exist at least p^^M^^°^^^ triples 

(^1,^2,23) e /i,8 X /2,8 X /3^8 

such that 

C3Z3 + C2Z2 + CiZi = Z2- Coil (mod p) 

for some 22 ^ -^2.8 and 'zi G /i^s- Iii particular we have that the congru- 
ence 

£3^:3 + C22;2 + Z2 + ciZi + cqZi = (mod p), 

{zi,Zi,Z2,Z2,Z3) G /i,8 X Ji^g X ^2,8 X ^2,8 X h,8, 
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has a set of solutions S with 

(23) #5 > p^^M^+°(^\ 

The rest of the proof is based on the ideas from [7] . 
We define the lattice 

X2 + C3X3 + C2X2 + ciXi + cqXi = (mod p)} 

and the body 

-D = {(x2,X3,X2,xi,xi) e : 

l^il < 8M, |x2|, \x2\ < 8M^ Ixsl < 8M^}. 

We see from ([23]) that 

#(Dnr) > p^^M^+°(^\ 

Therefore, by Corollary [TB| the successive minima A, = Xi{D,r), i = 
1, . . . , 5, satisfy the inequality 

5 

(24) JJmin{l, A^} < p~i^M-^+''(^\ 

i=l 

From the definition of A^ it follows that there are five linearly inde- 
pendent vectors 

(25) = {v2,i,V3^i,V2,i,vi^i,vi^i) e XiD nV, 2 = 1,..., 5. 

Indeed, first we choose a nonzero vector Vi G XiD (IT and then assum- 
ing that for 1 < i < 5 the vectors vi, . . . , Vj_i are chosen, we choose Vj 
as of the i linearly independent vectors v G XiD fl F that is not in the 
linear space generated by vi, . . . , Vj_i. 
We now note that 

A3< 1. 

Indeed, otherwise from (12^ we obtain 

min{l, Xl} < min{l, Ai} min{l, A2} < p~^H'r^+°'^^\ 
Thus recalling f l2Q|) we see that 



10M2 

Then the vector Vi must have 1^2,1 = ^2,1 = ^1,1 = = 0. In turn this 
implies that ^3^1 = (mod p) and since we assumed that M = o{p^^^), 
we obtain ^3^1 = 0, which contradicts the condition that vi is a nonzero 
vector. 

We consider separately the following four cases. 
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Case 1: A5 < 1. Then by ( l24l) . we have 



i=l 

We now consider the determinant A of the 5x5 matrix that is formed 
by the vectors fl25l) . It follows that 

A « Af 2+3+2+1+1 fYK< P^''m3+°(i), 

i=l 

which, by our assumption f|T9l) . implies that |A| < p. On the other 
hand, since Vj G F, we have A = (mod p), thus A = provided 
that p is large enough, which contradicts the linear independence of 
the vectors in ( l25l) . Thus this case is impossible. 
Case 2: A4 < 1, A5 > 1. Let 



V 



w 



/ -V2,l \ 
-V2,2 
-V2,3 
\ -^2,4 / 



/C3\ 

Cl 
V Co / 



(mod p). 



/ ^^3,1 ^2,1 ^^1,1 Vi^l \ 

V3,2 V2,2 Vl,2 Vl,2 

^3,3 ^^2,3 ^^1,3 ^^1,3 

\ ^3,4 V2,4 t^l,4 t^l,4 / 

We have 

Vc = w 
Let 

A = det 

and let A^ be the determinants of the matrix obtained by replacing the 
j-th column of ^ by w, j = 1, . . . , 4. 
Recalling fl2ll) . we have 

(26) |A| < A1A2A3A4M3+2+1+1 < p-i6^i+°(i) 

and similarly 

(27) 



\Ai\ < p~^^M"^^\ IA2I 
IA3I < p-i6Af2+°«, |A 



4I <p-i6M2+°« 



Note that, in view of fll9l) . in particular we have 

|A|,|A,|<p, j = l,...,4. 

If A = (mod p) then since c is nonzero modulo p we also have A^ = 
(mod p), j = 1, . . . , 4, implying that A = 0, A^ = 0. Then the matrix 
formed by Vi, . . . , V4 is of rank at most 3, which contradicts their linear 
independence. Therefore A ^ (mod p) and thus we have 

A4-i 



(mod p), 



0,1,2,3. 
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Since C3 ^ (mod p), we have Ai 7^ 0. We now substitute this in ( fT8l) 
and get that 

A|/^ - A4?/ = Aix^ + A2X^ + A3X (modp), \x\,\y\<M. 

We see from ( |T9l) . ( !26l) and ( 1271) that for sufficiently large M the ex- 
pressions on both sides are less than p/2, implying the equality 

A?/^ - A41/ = Aio;^ + Aax^ + Agx, |a;|, \y\ < M. 

Now we use Lemma [12] and conclude that the number of solutions is 
at most Mi/3+o(i)_ 

Case 3: A3 < (10M)-\ A4 > 1. By we have 

j=i 

Since A3 < {lOM)'^, we also have 

(28) Vj = (w2,i,W3,i,?^2,i,0,0), i = 1,2,3. 

In particular, 

V2,l f3,l ^^2,1 \ / 1 \ / \ 

""2,2 ^^3,2 ^2,2 C3 = (modp). 

^2,3 ^^3,3 ^2,3 ) \C2 ) \ / 

Thus, for the determinant 

(^^2,1 ^^3,1 ^2,1 
^^2,2 '^'3,2 ^^2,2 
^2,3 ^^3,3 ^^2,3 

we have 

A = (mod p). 
On the other hand, from (l20l) we derive that 



|A| < AiA2A3M^ < < M'-^+^^i). 

Hence, A = 0, which together with ( !28|) implies that the vectors 
vi,V2,V3 are linearly dependent, which is impossible. 
Case 4: (lOM)-i < A3 < 1, A4 > 1. By ([21]), we have 

nA,<p-i6M-6+°« 

1=1 

and since A3 > (10A/)~^, we obtain 

A1A2 < p-^^M^^+^^i^ 
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We again note that Ai > {10 AP)^^, as otherwise vi must have V2,i = 
V2,i = ^^'1,1 = Vi^i = 0. In turn this imphes that v-^^i = (mod p) 
and since we assumed that M = o(p^^^), we obtain 1^3.1 = 0, which 
contradicts the condition that vi is a nonzero vector. 

Since Ai > (lOM^)"! and p > M'^/^o, we get that A2 < {10M)-\ 
Thus, we have 

Vj = (W2,i,f3,i,^^2,i,0,0), i = l,2. 

Next, 



V3,2 V2,2 J \ C2 J ~ \ -V2,2 

Now we observe that 

(29) A = det f g'J ] « AiAsM^ < 

Furthermore, 



l^mod p). 



16 



(30) A, = det ( -^^^^ Z^'^ ) « A,A,M^ < ^^^I^, 
and 

(31) A2 = det ( -^^'^ 1 « AiA^M^ < 



In particular, |A|, |Ai|, IA2I < p. Therefore, if A = (modp), then 
Ai = A2 = (mod p) and we see that A = Ai = A2 = 0. Thus, in 
this case the rank of the matrix formed with vectors vi , V2 is at most 
1, which contradicts the linear independence of the vectors vi,V2. 
Hence, A ^ (mod p) and we get that 

C3 = ^ (mod p), = ^ (mod p). 

We now substitute this in (ITH]) and get that 

Ay^ — aoy = Aix'^ + A2X^ + 602^ (mod p), \x\, \y\ < M, 

for some integers ao; ^o- We observe that the condition C3 ^ (mod p) 
implies that Ai 7^ 0. 
Let now 



T 



Ay/%16/3 

mJ 



Note that M^/^ < T < T'^ < p/2. By the pigeonhole principle, there 

exists a positive integer 1 < to ^ + 1 such that 

p p 

|(toao)p| < ^, \{toh)p\ < -, 
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where (x)p is the element of the residue class x (mod p) with the least 
absolute value, see also [131 Lemma 4]. Hence 

toAy^-(toao)p2/ = ^oAia;^+toA2X^ + (to&o)pa; (modp), \x\,\y\<M. 

By ( l29l) . ( I30l) . ( 13T]) . the absolute value of the both hand side is bounded 
by pM^+°(i)T-i. Thus, we get 

toAy^ - {toao)py = toAix^ + toA2X^ + {tobo)pX + pz, 

where 

\x\,\y\<M, |z| < M^+°(i)T-\ 

Now we use Lemma [I2] and conclude that the number of solutions is 
at most 



/ ^^3x1/16 



Since e > is arbitrary, the result now follows. 

4.3. Proof of Theorem [H. Let X be the set of integers x G [i? + 
+ M] such that the congruence ([1]) is satisfied for some integer 
y E [S* + 1, S* + M]. In particular, letting X = we have 

(32) If{M;R,S) <2X. 

Fix some integer k > 1 and consider the set 

yk = {yl + ... + yl (mod p) : S + 1 < y^ < S + M, i = 1, . . . , k}. 

By making the change of variables yi = S + Zi, i = 1, . . . , k, we observe 
that 

yk = {zl + ... + zl + 2S{zi + ... + Zk) + kS^ (mod p) : 

1 < Zi< M, i = l,...,k}. 

In particular, 

#3^fc < # {r + + fc^^ : 1 < r < fcM^, 1 < s < fcM} < k^M^. 
For any (xi, . . . , Xfc) G A"^' there exists A G such that 
f{xi) + ... + f{xk) = \ (modp). 

Thus, 

X' < Yl ^(^) 



POINTS ON CURVES IN SMALL BOXES AND APPLICATIONS 21 

where 

r(A) = #{(xi,...,Xfc)e[i? + l,i? + M]'= : 

/(xi) + . . . + /(xfc) = A (modp)}. 
Using the Cauchy inequahty, we derive 

Ae^fc 

where Tk{R; M) is the number of solutions of 

}\xi) + . . . + }\xk) = f{xk+i) + ■ ■ ■ + f{x2k) (modp), 

(xi,...,x2fc) G [/^ + l,/^ + M]2^ 

The quantity Tk{R; M) has been defined and estimated in [12] for i? = 
but making a change of variables, it is clear that the same bound holds 
for any R. In particular, it is proved in [12] that 

TkiR; M) « (M™/p + 1) M™(™-i)/Vfc,^(M), 

where, as before, Jk,m{,M) is the number of solutions of the system of 
equations ^ with H = M. 

Taking k = K{m) so that the bound (^^) holds, we derive 

j^2k ^ (^f^rn _|_ j^^m(m-l)/2 j^^2fe-m(m+l)/2+o(l) 

< (M"*/p + 1) m2'=+^-™+°(^) 

and obtain 

X < M{M^ /p^1/2k+o(1) _|_ j^l-{m-3)/2K+o(l) ^ 

which together with (!32|) concludes the proof. 

4.4. Proof of Theorem U Let J = Jj(M; /2, 5). 
Without loss of generality we can assume that 

0<M + l<M + S<p. 

Applying Lemma fTOl to the sequence of fractional parts 7„ = {f{n)/p}, 
n = 1,...,M, with 



a = {S + l)/p, (5 = {S + M + l)/p, K=[p/M\ 
so that we have 

1 M 
— + min{/3 - a, l/k} < — 
K p 

for /c = 1, . . . , A', we derive 

^exp(27rzA;/(n)/p) 



J< + — > 



n=l 
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Therefore, by Lemma fTTl we have 

J < 



P P 

K 



X 



k=l \-M<ei,...,£m-i<M 



min < M, 



a 

—m'.kii 

P 



-1 



Now, separating the contribution from the terms with £i . . . Im-i = 
we obtain 



_ /2" 



where 



K 



W = ^ min <j M, 

fc=l \0<Ki|,...,|£^_i|<A/ 



—m\Mi . . . im-i 
P 



Hence, recaUing the choice of K, we derive 
(33) 



X ..1 1/2'"- M2-™/2'"- 



P P 
The Holder inequahty imphes the bound 

K 



k=l 



min <{ M, 

0<Ki|,...,K™_i|<A/ 



-m!Hi . . .im-i 
P 



Collecting together the terms with the same value of ^ = mlkii . . . im-i 
and recalling the well-known bound on the divisor function, we con- 
clude that 



^2-- ^ K2---y(i) J2 min <( M, 

\z\<m\KM^-^ 



P 
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Since the sequence ||am/p|| is periodic with period p, we see that 

Thus, recalhng the choice of K, we derive 

W < i^M('"-i)/2'"-ipO(i) < ^(^-i)/2— i-y+o(i)^ 

which after the substitution in fl33|) concludes the proof. 

4.5. Proof of Corollary [G]. Assume that H = for some vector 
b = (&o, • • • 7 i>2g~i) € Fp^. We recall that all components of any vector 
a e 03 are non-zero modulo p. Hence, G F* and we see from (j3]) 
(combinig the equations with i = 2g + 1 — h and i = 2g — 1) that 

«2g-i (modp), 

(34) Rg+l-h + 1 <ag+l-h < Rg+l-h + M, 

i?23-l + 1 <a2g~l < R2g~l + M, 

where 

(35) A = 
We also observe that 

= 625-1/029-1- 

Thus, each solution (ag+i_/i, 02^-1) of flM|) determines the value of 
and therefore, all other values of oq, ai, . . . , 029-1. 

Thus we have seen that N{H; 03) < T, where T is the number of 
solutions [x, y) of the congruence 

{36)x^' = \y^ (modp), R + 1 < x < R + M, S + 1 < y < S + M, 

where R = S = i?2g-i and A is given by fl35|) . 

We now observe that the congruence fl36|l taken with h = 4, which 
is admissible for > 2, implies 

= Hy (mod p), R+l<x<R + M, S + l<y<S + M, 

where fi is one of the two square roots of A (we recall that g > 2). 
Applying Theorem [5] with a quadratic polynomial /, we immediately 
obtain the desired result. 
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4.6. Proof of Theorem [71 As in the proof of of CoroUary [6] we let 
H = H^ for some b = (6o, • • • , h^g-i) G F^s. 

We can assume that M < p^^^ as otherwise the resuhs are weaker 
than the trivial upper bound N{H; 03) ^ M. 

Also we can assume that T > M^^^\ where, as before, T is the 
number of solutions (x, y) to the congruence as otherwise there is 
nothing to prove. 

We follow the proof of Theorem [TJ We fix some L with 

T 

(37) 1 < L < — -, 

to be chosen later. Note that if T < 16g + 16 there is nothing to prove. 
Thus, there exists Q such that the congruence 

x^'^Xy^ (modp), Q<x<Q + M/L, S + l<y<S + M, 

has at least T/L solutions. Since there are at most two solutions to 
the above congruence with the same value of x, by the pigeonhole 
principle, there exists an interval of length 4{h + 1)M/T containing at 
least 2{h + 1) solutions {x, y) with pairwise distinct values x. Let Xq be 
the first of these values and {xo,yo) the solution. It is clear that T/L 
is bounded by the number of solutions of 



{xo + x)'' = X{yo 
-M/L <x< M/L, 

which is equivalent to 



(3J 



where 



ChX + . . . + cix H 
-M/L <x< M/L, 



(mod p), 

-M <y < M, 

coy = y^ (modp), 
-M <y <M, 



Co 



-2yo 



and 



A* 



h-j 



J 



where A* is defined by A*A = 1 (mod p) and 1 < A* < p. In particular, 
c/i ^ (modp). Besides, there are at least 2h + 1 solutions {x,y) 
of fl55]) with X pairwise distinct and such that 1 < x < 4{h + 1)M/T. 



From these 2h - 
in the form 



1 values we fix h: (xi, yi) 



{xh, Vh) and rewrite 





/x^ . 


X 


(39) 


x\ . 


■ Xh 




Vi ■ 


. Xi 



yij 



y\ ( Ch 

yh 

Cl 

\coJ 



(y'\ 

yl 



\ylj 



(mod p). 



POINTS ON CURVES IN SMALL BOXES AND APPLICATIONS 



25 



Since h is odd, by Lemma fT4l we know that at most 2h pairs (x, y), with 
X pairwise distinct, satisfy both the congruence ( 15^ and the congruence 



X y 
Xh Vh 

xi yi 



(modp). 



Since there are at least 2h + 1 solutions of ( 15^ . for one of them, say 
{xh+i,yh+i), we have 



A 



Xh+l 

xi 



Xh+l yh+i 

Xh Vh 



^ (mod p). 



Note that 1 < |A| < {M/TY^^'^^^I'^M. Now we solve the system 



fx^ 



(40) 



h+l 
h 



Xh+l Vh^ 



X 



\ 



Xh 
Xl 



Vh 



yi J 



( Ch\ 

Ch-1 

V Co y 



fyl+i\ 
yl 



(mod p) 



with respect to (c^, . . . , Ci, Cq). We write A^ for the determinant of the 
matrix on the left hand side where we have substituted the column j 
by the vector (y^+i, • . . , yD- With this notation we have that 



A 



h+i~j 



J = 0, 



and the congruence (138|) is equivalent to 

/^ix^ + Asx^"^ + . . . + /^hX + /^h+iy - Ay^ = (mod p). 

In particular, Ai ^ (modp). We can write this congruence as an 
equation over Z: 



(41) Aix'^ + Asx'*-^ + ... + ^hX + Ah+iy - Ay' 
We can easily check that 

|A^+i| < (M/T)'^(^+i)/2m2 



pz, 



and 



h. 



26 M.-C. CHANG ETAL. 

Thus, collecting the above estimates, we derive 



\z\ < 



P \ 



j^h{h+l)/2+3 



pj^h{h~l)/2lh- 

Since h is odd, and A 7^ 0, Ai 7^ 0, we have that, for each z, the 
curve (HT!) is absolutely irreducible. Thus by Lemma [T2] it contains at 
most M^^^'^°^^'^ integer points {x,y) with \x\, \y\ < M. Hence 

/ n^h{h+l)/2+3 \ 

(42) T < LMV^-(i) ^1 + ^^,(,31)7^ j 

for any L satisfying (1371) . 

We can assume that the following lower bounds hold for T: 

(43) T > M^/'' and T > 16{h + 1) {M{M^ /pf'^^^+^'^ + l) 

since otherwise there is nothing to prove. 

Take L = [l + ^M^{h+i)/^+^ jpf/Hh+i)^^ ^Q^g that ([37D holds as 

otherwise L >2 and we have 

//i#h(h+l)/2+3\ S/Z^e^+l) 7- 7^ 

>L-l>->— 

\ P J ~ ~ 2 16/1 + 1 



> 



/ \ ( jVf '^('i+l) /2+4 \ 2//i{/i+l) 

VP/ VP/ 



which is impossible. 

If M < pi/('i('i+i)/2+3) j^g^yg 2, = 1 and also 

j|^/i(/i+l)/2+3 j\^h.(h+l)/2+3 

< < 1. 



pj^h{h~l)/2lh - p 

In this case, the bound ( l42l) yields 

If M > pl/(ft(/^+l)/2+3)^ ^g J^g^yg 

^j^^M/'+l)/2+3^p-)2/M/i+l) < ^ (^]\^'i('i+l)/2+3^p-)2//i(fc+l) 
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and, recalling our assumption ( 143|) and the choice of L, we obtain 

^/i(/i+l)/2+3 

prph{h-\)/2 Ih 

j^h(h+l)/2+3 

^ pM'^('^-l)/2(M4/p)('*-l)/('*+l)(M^(^+l)/2+3/p)2/('^+l) ^ ^' 

Hence, in this case we derive from f l42l) that 

which concludes the proof. 

4.7. Proof of Theorem O Clearly 

(44) N{H-^) = M^3 and ^ A^(i/; *B)2 = T(Q3). 

As in [13], using (jH]) and the Cauchy inequality we derive 

(03) > M^3T{^y\ 

From (j4]) we observe that T(!B) is the numbers of pairs of vectors 
(a, b), a, b G such that there exists a such that 

Oi = (modp), i = 0, . . . ,2g - 1. 

In particular, 

«29-1^2c,-2 = «2g-2^2g-l (mod p) . 

Now, by [T3j Theorem 7] we see that there are only O (^M^/p + M'^~^°^^^^ 
possibilities for the quadruple (a2£,-i, a2g_2, &2g-i5 &2c/-2)- When it is 
fixed, the parameter a in (jl]) can take at most 4 values, and thus for 
every choice of (cq, . . . , ^23-3) there are only 4 choices for (60, • • • , &2g-3)- 
Therefore, 

(45) r(<B) < M^s-^ {M^/p + M2+°(i)) . 

When M < p^/^^a) ^e obtain T(53) < M^^+oii) (^$3) > 

M^s+^Ci), which proves Theorem [8] in this range. 

When M > p^/^'^s) -^^g ^gg ^ different approach. Using the notation 

= #{(ai, b^) : a,/6i = X (mod p), i?i + 1 < a„ 6i < + M}, 
we can write 

p-i 

T(*B) = 5^iVo(a^^+2)iVi(a^^) . ..N^g-.^a^). 

a=l 
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Thus, 



a 

a=l J \ a.=\ 



and then we have 

T(^) < max ViV^^(a). 



I 



We observe that for any a ^ (mod there exist integers r, s with 
1 < |r|, s < p^/^, (r, s) = 1 and such that a = r/s (mod p). Thus 

"=1 l<r-,s<pi/2 l<r,s<pi/2 

gcd(r,s)=l gcd(r,s)=l 

Our estimate of Ni{r/s) is based on an argument that is very close 
to that used in the proof of |21 Lemma 1]. Namely, we observe that 
Ni{r/s) is the number of solutions (x, to the congruence 

x/y = r/s (mod p), Ri + \ < x,y < Ri + M, 

which is equivalent to the congruence 

sx — ry = c (mod p), 1 < x,y < M, 

for a suitable c. We can write the congruence as an equation in integers 

sx — ry = c + zp, I < x,y < M, 2; G Z. 

We observe that 

^ \s\M + \r\M + \c\ ^ (|s| + \r\)M ^ ^ 
~ p ~ P 

For each z we consider, in case it has, a solution {x^, yz), 1 < Xz,yz < 
M. The solutions of the diophantine equation above is given by (x, y) = 
[Xz + rt,yz + st), t E 1j. The restriction 1 < x,y < M implies that 
\t\ < M/ max{r, s}. 

Thus we have 

, , / 2M \ f 2M{s + r] 

N^{r/s) < 1 + 1 + ^ '- 

\ maxjr, s\ J \ p 

4Mmax|r, s| 2M 

< 1 + + 7 r + • 

p maxjr, s\ p 
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Therefore 



gcd{r,s)=l 



^ / M^3 (max{r, s}f^ 

l<r,s<pi/2 \ 



« E (^ + ^^ + 

l<r<s<pl/2 



p2g 



l<S<pl/2 ^ 











525-1 + 


p23 



<P+ — T + M^ > + 

l<S<pl/2 

The estimate of the sum with Nf^{—r/s) is fully analogous. 
Assume that M > p^/^^a) and observe that 

V- JlogM, if (7 = 1, 

S23-1 ^ 1 1 if ^ > 2. 

Thus we have 

log M + MVp, if^ = l, 



+ M^9/p29-l^ if^>2, 



(46) T(Q3) < 

which gives 

and proves Theorem [8] in the range M > p^/'^s _ 



min{p,M2+''(i)}, if ^ = 1, 
min{p29-i,M29}, if ^ > 2, 



5. Comments 

The problem of obtaining a nontrivial upper bound for //(M; i?, S) 
in the range p^/^ < M < p^/^ is still open. 

On the other hand, we note that using bounds of exponential sums 
obtained with the method of Vinogradov instead of Lemma [TTl see [5l 
[T5| [30l [37] and references therein, also leads to some nontrivial on 
J/(M; R, S) but these results seem to be weaker than a combination of 
Theorem [5] with the bounds from [12] . 
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Similar ideas can be exploited to obtain lower bounds for the cardi- 
nality of the set X{B) of non-isomorphic isogenous elliptic curves iJa 
with coefficients in a cube B. 

Indeed, let us denote by Xt the isogeny class consisting of elliptic 
curves over Fp with the same number p + 1 — t oi Fp-rational points. 
By a result of Deuring [T3], each admissible value of t, that is, with 
\t\ < 2p^/^, is taken and hence there are about 4p^/^ isogeny classes. 
Furthermore, Birch [1] has actually given a formula via the Kronecker 
class number for the number of isomorphism classes of elliptic curves 
over a finite field Fg lying in X^. Finally, Lenstra [23] has obtained 
upper and lower bounds for this number and, in particular, shown that 
the number of isomorphism classes of elliptic curves of a given order is 
O (p^/^ logp (log logp)^) . 

Observe that once again bounds for N{H; 03) can be translated into 
bounds for the number of isogenous non-isomorphic curves with coeffi- 
cients in ?B, via multiplication by However, as we have done 
before, one can obtain better bounds in terms of T(53) which is given 



Thus, using (jUj) and P6|) . with g = l,we see that for the set !B) 
of elliptic curves G X^ with a G we have 



for < M < p'^/® ^ (with any fixed e > 0). Furthermore, it also 

implies the lower bound 



by dSD. 



H£ni<B)nit 




This improves the trivial bound 



n{N,^) < min{M^p^/2(logp)^/2loglogp} 



mi3) » 



M2 



maX|t|g2pi/2'H(t, 53) 
> min{p^/^ Mp"^/^ log"^/^ M}{\ogpy^/'^{\og\ogp) 
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